Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-14-2013, 02:44 PM
|
#1
|
LQ Newbie
Registered: Jun 2013
Posts: 8
Rep:
|
X11 Forwarding Twice
I have a Unix server unconnected to the internet, we'll call it the server. I have a Linux running RedHat connected to the Unix server through a network switch, we'll call it machine1. I now have a VirtualBox running Fedora, we'll call it machine2.
The Unix (server) shell is tsch, both the RedHat and Fedora (machine1 and machine2) shells are bash.
I can use "ssh -Y" to connect from machine2 to machine1 and display graphics. I can use "ssh -Y" or telnet to connect from machine1 to the server. However, when I use "ssh -Y" from machine1 to the server I don't have a DISPLAY environment variable on the server; I have to set it myself. If I set it to the IP address of machine1 (the IP address of machine1 on the network switch), I can display graphics on machine1.
However, when I connect from machine2 to machine1 through "ssh -Y machine1," then from the remotely logged in machine1 to the server with either SSH or telnet, I'm unable to display graphics. I tried setting the DISPLAY variable to the IP address (from the network switch) of machine1, which didn't work (let's call this IP address 192.168.x.x). I tried setting it to the IP address of machine2, which didn't work either, which makes sense as the server isn't connected to the internet. When I try to set it to "localhost:10.0," whenever I call something (like xterm), it pauses for a second then says that it can't connect to localhost:10.0.
Since machine1's DISPLAY variable after SSHing is "localhost:10.0" I thought it should work. Then I thought maybe I should set it the IP address of the network switch of machine1, except set it to port 10 instead of 0 (e.g. setenv DISPLAY 192.168.x.x:10.0), and this didn't work either.
Does anyone know what's wrong? The Unix server is very old and I'm afraid that's what's causing the problem; I doubt I'd be able to fix it because all the ways I know how to open ports and ensure X11 forwarding is on doesn't work on such an old machine. HOWEVER, remember that machine1 can get graphics from the Unix server through either SSH or telnet; the caveat is that you have to set the DISPLAY variable by hand when connecting with SSH.
|
|
|
06-14-2013, 03:48 PM
|
#2
|
Member
Registered: Jan 2012
Location: South Africa
Posts: 509
|
Hi there,
What Unix flavour are you running on the server?
You shouldn't set the DISPLAY when using ssh X11 forwarding (ssh -X or ssh -Y). Have you tried testing your graphics without setting DISPLAY (by running something like xclock for example)?
Have a look at the X11Forwarding settings in sshd_config on all the machines in your chain - this is disabled by default on may machines.
Regards,
Clifford
|
|
|
06-14-2013, 03:53 PM
|
#3
|
LQ Newbie
Registered: Jun 2013
Posts: 8
Original Poster
Rep:
|
Quote:
Originally Posted by cliffordw
Hi there,
What Unix flavour are you running on the server?
You shouldn't set the DISPLAY when using ssh X11 forwarding (ssh -X or ssh -Y). Have you tried testing your graphics without setting DISPLAY (by running something like xclock for example)?
Have a look at the X11Forwarding settings in sshd_config on all the machines in your chain - this is disabled by default on may machines.
Regards,
Clifford
|
I don't have the Unix flavor name on me right now, unfortunately. And I know the DISPLAY should be automatically set when SSHing. I have tried testing graphics without setting the DISPLAY - it complains that there is no DISPLAY variable set.
For some reason I can't find the sshd_config file anywhere on the computer. Is there a way to trace it from the sshd process?
|
|
|
06-14-2013, 04:01 PM
|
#4
|
Member
Registered: Jan 2012
Location: South Africa
Posts: 509
|
For the unix flavour, try running "uname -a".
For sshd_config, the most common locations are /etc/ssh/sshd_config, /usr/local/etc/ssh/sshd_config or /usr/local/etc/sshd_config. Can you tell where the ssh and sshd commands are located? This could help find the config file - cd to one directory up from there, and run "find . -type f -name sshd_config".
|
|
|
06-14-2013, 04:04 PM
|
#5
|
Member
Registered: Jan 2012
Location: South Africa
Posts: 509
|
BTW, I tried this, and get error messages along the lines of "Error: Can't open display: " when the forwarding isn't working correctly.
|
|
|
06-14-2013, 04:17 PM
|
#6
|
LQ Newbie
Registered: Jun 2013
Posts: 8
Original Poster
Rep:
|
Quote:
Originally Posted by cliffordw
BTW, I tried this, and get error messages along the lines of "Error: Can't open display: " when the forwarding isn't working correctly.
|
That is exactly the error message I get. I'm guessing then that forwarding isn't working correctly on the Unix side.
Time to dig for the config file, as last time I checked they weren't in either location.
EDIT: Could it also be a closed port problem? I thought ports didn't really matter on a network switch but I could be wrong.
|
|
|
06-14-2013, 04:22 PM
|
#7
|
Member
Registered: Jan 2012
Location: South Africa
Posts: 509
|
Quote:
Originally Posted by Dodosaur
Could it also be a closed port problem? I thought ports didn't really matter on a network switch but I could be wrong.
|
The switch is unlikely to be blocking ports, although the hosts on either side could be. As far as I understand this, the X11 traffic is tunneled via the ssh connection, so if ssh is working, so should X11 - no other ports need to be open.
---------- Post added 2013-06-14 at 22:23 ----------
If you can't get this working, an alternate approach might be to install a VNC server on the Unix server, and connecting to it via an SSH tunnel.
|
|
|
06-14-2013, 04:30 PM
|
#8
|
LQ Newbie
Registered: Jun 2013
Posts: 8
Original Poster
Rep:
|
Quote:
Originally Posted by cliffordw
The switch is unlikely to be blocking ports, although the hosts on either side could be. As far as I understand this, the X11 traffic is tunneled via the ssh connection, so if ssh is working, so should X11 - no other ports need to be open.
---------- Post added 2013-06-14 at 22:23 ----------
If you can't get this working, an alternate approach might be to install a VNC server on the Unix server, and connecting to it via an SSH tunnel.
|
I thought about doing something like that, but installing anything on the Unix is a pain as it doesn't have an internet connection.
I'll try configuring SSH correctly next time I have access to the computer, thanks for all of your help.
|
|
|
06-14-2013, 09:16 PM
|
#9
|
LQ Newbie
Registered: Jun 2013
Posts: 8
Original Poster
Rep:
|
Alright, so everything is configured correctly (I found the files in /usr/local/etc) but nothing is working still. I'm sure X11 Forwarding is enabled on both sides.
Since the computer is old I also tried it with X11UseLocalhost yes on the Unix server's sshd_config file but this didn't work either.
Last edited by Dodosaur; 06-14-2013 at 09:19 PM.
|
|
|
06-14-2013, 11:12 PM
|
#10
|
LQ Newbie
Registered: Jun 2013
Posts: 8
Original Poster
Rep:
|
Alright, time for some closure (sorry for posting three times in a row, I just feel that this warrants a separate post).
For some reason, whoever last configured this computer had different config files for different users (although he only enabled X11 forwarding on them). Another problem was that sshd couldn't find the RSA and DSA keys for the user I wanted to connect to after I pointed sshd back to the original sshd_config file for the user I wanted to SSH into, and I had to use ssh-keygen to regenerate those as well as fix the issue on the clientside (new RSA keys = security warning).
I restarted after each change (because I didn't know which one would work) and after those steps it started working.
For those getting here through Google, big problems were: old version of SSH, old machine, and bad initial configuration.
Thank you cliffordw, you've been a great help!
|
|
|
All times are GMT -5. The time now is 04:57 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|